Next Article in Journal
Clusters with Minimum Transportation Cost to Centers: A Case Study in Corn Production Management
Previous Article in Journal
Emotions and Behavior Regulation in Decision Dilemmas
Previous Article in Special Issue
On Information Aggregation and Interim Efficiency in Networks
Article Menu

Export Article

Open AccessArticle
Games 2017, 8(2), 23; doi:10.3390/g8020023

Security Investment, Hacking, and Information Sharing between Firms and between Hackers

Faculty of Social Sciences, University of Stavanger, 4036 Stavanger, Norway
Academic Editor: Christos Dimitrakakis
Received: 5 April 2017 / Revised: 9 May 2017 / Accepted: 21 May 2017 / Published: 25 May 2017
(This article belongs to the Special Issue Decision Making for Network Security and Privacy)
View Full-Text   |   Download PDF [1372 KB, uploaded 30 May 2017]   |  

Abstract

A four period game between two firms and two hackers is analyzed. The firms first defend and the hackers thereafter attack and share information. Each hacker seeks financial gain, beneficial information exchange, and reputation gain. The two hackers’ attacks and the firms’ defenses are inverse U-shaped in each other. A hacker shifts from attack to information sharing when attack is costly or the firm’s defense is cheap. The two hackers share information, but a second more disadvantaged hacker receives less information, and mixed motives may exist between information sharing and own reputation gain. The second hacker’s attack is deterred by the first hacker’s reputation gain. Increasing information sharing effectiveness causes firms to substitute from defense to information sharing, which also increases in the firms’ unit defense cost, decreases in each firm’s unit cost of own information leakage, and increases in the unit benefit of joint leakage. Increasing interdependence between firms causes more information sharing between hackers caused by larger aggregate attacks, which firms should be conscious about. We consider three corner solutions. First and second, the firms deter disadvantaged hackers. When the second hacker is deterred, the first hacker does not share information. Third, the first hacker shares a maximum amount of information when certain conditions are met. Policy and managerial implications are provided for how firms should defend against hackers with various characteristics. View Full-Text
Keywords: information sharing; cyber security; game theory; asset allocation; cyber war; contest success function; security investment; policy information sharing; cyber security; game theory; asset allocation; cyber war; contest success function; security investment; policy
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).

Scifeed alert for new publications

Never miss any articles matching your research from any publisher
  • Get alerts for new papers matching your research
  • Find out the new papers from selected authors
  • Updated daily for 49'000+ journals and 6000+ publishers
  • Define your Scifeed now

SciFeed Share & Cite This Article

MDPI and ACS Style

Hausken, K. Security Investment, Hacking, and Information Sharing between Firms and between Hackers. Games 2017, 8, 23.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Games EISSN 2073-4336 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top